Researchers crack Windows code for online activity monitoring

A team of researchers has cracked Microsoft’s Windows encryption for the first time, opening it up to the public to help monitor illegal online behavior.

The team at Stanford University discovered a way to bypass the encryption protecting a PC hard drive that can find out what sites have been visited and if any data has been stored in the cloud.

The software developed can now reconstruct “where the user has been online, and what identity they used”, which the team says is a significant advance on other commercially available tools. 

The researchers combined data extraction methods with their new find in the Offline Windows Analysis and Data Extraction (OWADE) software, the New Scientist writes.  The alpha version can be found here.

The software now allows accessing browsing history, site logins and passwords by bypassing an encryption based on a Windows login.  This would have been impossible on commercial forensic software that relies on purely examining a disc.

Interestingly, the discovery means that they are the only team in the world outside of Microsoft that is able to decrypt the files.

So this opens up the possibility for the police at least, of a better tool for apprehending paedophiles for example, as now it is possible to reach much deeper into suspect activities than just the hard drive.

Now it is possible to match suspects with their online identities, and even access their online accounts, previously out of the reach of police.

However now that the open source software is publically available for free, it could also benefit the crooks potentially too.

The New Scientist highlights that the software could be used by tech-savvy sex offenders, and could mean that they could find other solutions to hide their data where possible.